Tarsnap is a secure online backup service for UNIX-like operating systems, including BSD, Linux, and OS X. It was created in 2008 by Colin Percival. Tarsnap encrypts data, and then stores it on Amazon S3.

Contents

The service is designed for efficiency, only uploading and storing data that has directly changed since the last backup.[3] Its security keys are known only to the user.[4]

It was developed and debugged, with input solicited from bug bounty hunters, to try to find vulnerabilities.[5] An inadvertent yet serious nonce-reuse vulnerability was found by this process and fixed in 2011.[6]

The document of the presentation "From bsdtar to tarsnap"[7] by Percival from EuroBSD-Con 2013 contains "all kinds of detail on exactly how the algorithms work, how deduplication is managed ... the innards of how Tarsnap works"[8]